<?php

/*
 * ************************************************* 
 * Created on :2012-5-1 21:49:07
 * Encoding   :UTF-8
 * Description:
 * 
 * @Author @lqs <soso2501@gmail.com>
 * @WAP_WEIBO (C)1996-2099 SINA Inc. 
 * ************************************************
 */

define("LOG_COOKIE_NAME", 'xyhuser__');

class User {

    var $userid;
    var $username;
    var $email;
    var $img;
    var $role;
    var $password;
    var $realname;
    var $phone;
    var $iyear;
    var $class;
    var $workunit;
    var $createtime;
    var $lastlogintime;
    //0表示 ok,1表示未登录, 2表示未通过
    var $state;
    private $table = 'user';
    static $allow_roles = array("USER" => "普通用户", "ADMIN" => "超级管理员", "PLACE" => "地方管理员");

    private function setval($r) {
        $this->userid = $r['userid'];
        $this->username = $r['username'];
        $this->email = $r['email'];
        $this->img = $r['img'];
        $this->role = $r['role'];
        $this->password = $r['password'];
        $this->realname = $r['realname'];
        $this->phone = $r['phone'];
        $this->iyear = $r['iyear'];
        $this->class = $r['class'];
        $this->workunit = $r['workunit'];
        $this->createtime = $r['createtime'];
        $this->lastlogintime = $r['lastlogintime'];
    }

    function __construct() {
        //从session创建
        if (!empty($_SESSION['userid'])) {
            $this->userid = intval($_SESSION['userid']);
            $r = DB::GetTableRow($this->table, "userid=$this->userid");
            if (empty($r)) {
                $this->state = 1;
                unset($_SESSION['userid']);
                return;
            }
            $this->setval($r);
            if ($r['pass'] == 'N') {
                $this->state = 2;
                unset($_SESSION['userid']);
                return;
            }
            $this->state = 0;
        } else {
            $this->from_cookie();
        }
    }

    private function from_cookie() {
        if (empty($_COOKIE[LOG_COOKIE_NAME])) {
            $this->state = 1;
        } else {
            $ck = $_COOKIE[LOG_COOKIE_NAME];
            $this->userid = intval(substr($ck, 0, 6));
            $r = DB::GetTableRow($this->table, array("userid" => $this->userid));
            if (substr($ck, 6) == md5($r['username'] + $r['password'])) {
                $this->setval($r);
                if ($r['pass'] == 'N') {
                    $this->state = 2;
                    setcookie(LOG_COOKIE_NAME, '');
                    return;
                }
                $this->state = 0;
                $_SESSION['userid'] = $this->userid;
            } else {
                setcookie(LOG_COOKIE_NAME, '');
                $this->state = 1;
            }
        }
    }

    private function set_cookie() {
        $v = sprintf("%06d", $this->userid);
        $v .= md5($this->username + $this->password);
        setcookie(LOG_COOKIE_NAME, $v, time() + 24 * 3600 * 30, "/");
    }

    /**
     * 验证登录，传过来的password为md5过的字符串
     * @param type $user
     * @param type $pass
     * @param type $autologin
     * @return int 1表示成功 ，0 表示用户名或密码不对，2表示用户还没有通过审核
     */
    public function checklogin($user, $pass, $autologin = false) {
        $r = DB::GetTableRow($this->table, array("username" => $user, "password" => $pass));
        if (empty($r)) {
            return 0;
        }
        $this->setval($r);
        if ($r['pass'] == 'N') {
            return 2;
        }
        $this->state = 0;
        $_SESSION['userid'] = $this->userid;
        if ($autologin) {
            $this->set_cookie();
        }
        return 1;
    }

    public function logout() {
        unset($_SESSION['userid']);
        setcookie(LOG_COOKIE_NAME, '');
    }

    /**
     * 注册一个用户，这个用户的状态为不可用。需要通过审核
     * @param type $data
     * @return int 返回状态，>0表示成功表示id，-1表示用户名已经被使用或者用户名为空，-2表示信息不完整
     */
    public function register($data) {
        if (empty($data['username']) || empty($data['email']) || empty($data['password']) ||
                empty($data['realname']) || empty($data['phone']) || empty($data['iyear']) ||
                empty($data['class'])) {
            return -2;
        }
        if (!$this->checkunique($data['username'])) {
            return -1;
        }
        $insert_data = array();
        $insert_data['username'] = $data['username'];
        $insert_data['email'] = $data['email'];
        $insert_data['img'] = empty($data['img']) ? NULL : $r['img'];
        $insert_data['role'] = "USER";
        $insert_data['password'] = $data['password'];
        $insert_data['realname'] = $data['realname'];
        $insert_data['phone'] = $data['phone'];
        $insert_data['iyear'] = intval($data['iyear']);
        $insert_data['class'] = $data['class'];
        $insert_data['workunit'] = empty($data['workunit']) ? NULL : $data['workunit'];
        $insert_data['createtime'] = date("Y-m-d H:i:s");
        $insert_data['lastlogintime'] = NULL;
        $insert_data['pass'] = 'N';
        return DB::Insert($this->table, $insert_data);
    }

    /**
     * 判断这个用户名是不是唯一的
     * @param type $username
     * @return boolean 
     */
    public function checkunique($username) {
        $r = DB::GetTableRow($this->table, array("username" => $username));
        if (empty($r))
            return true;
        else
            return false;
    }

    /**
     * 审核通过,只有admin才能使一个用户通过
     */
    public function pass($userid) {
        if ($this->role != 'ADMIN' || empty($userid))
            return false;
        DB::Update($this->table, $userid, array("pass" => "Y"), "userid");
        return true;
    }

    /**
     * 更新用户信息
     * @param type $data 
     */
    public function update($data) {
        if (!is_array($data))
            return false;
        $allow_modify = array("email", "img", "password", "phone", "workunit");
        foreach ($data as $k => $v) {
            if (!in_array($k, $allow_modify)) {
                return false;
            }
        }
        DB::Update($this->table, $this->userid, $data, "userid");
        return true;
    }

    /**
     * 改变一个人的角色
     * @param type $userid
     * @param type $role
     * @return boolean 
     */
    public function changerole($userid, $role) {
        if ($this->role != 'ADMIN' || empty($userid))
            return false;
        $allow_roles = array("ADMIN", "USER", "PLACE");
        if (empty($userid) || !in_array($role, $allow_roles))
            return false;
        DB::Update($this->table, $userid, array("role" => $role), "userid");
        return true;
    }

    /**
     * 获取其它用户的信息
     * @param type $userid 
     */
    public function byid($userid) {
        $r = DB::LimitQuery($this->table, array("condition" => array('userid' => $userid),
                    'one' => true));
        return $r;
    }

    public function bycondition($condition, $offset, $size) {
        return DB::LimitQuery($this->table, array("condition" => $condition, "offset" => $offset, "size" => $size));
    }

    public function countbycondition($condition) {
        $r = DB::LimitQuery($this->table, array("condition" => $condition, "select" => "count(*) as count", "one" => true));
        return $r['count'];
    }

    public function changepwd($old, $new) {
        $r = $this->checklogin($this->username, $old);
        if ($r != 1) {
            return "密码验证失败";
        } else {
            $this->update(array("password" => $new));
            return "修改成功";
        }
    }

}

/* End of file User */


